* [PATCH 0/2] harden libkmod-builtin with wrong modules.builtin.modinfo
[not found] <CGME20210413112018epcas1p15c2cb9693086133c145845030df145ef@epcas1p1.samsung.com>
@ 2021-04-13 11:23 ` Seung-Woo Kim
[not found] ` <CGME20210413112018epcas1p4e7e6b23060a83694867b07a1f1afc200@epcas1p4.samsung.com>
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Seung-Woo Kim @ 2021-04-13 11:23 UTC (permalink / raw)
To: linux-modules, lucas.de.marchi; +Cc: gladkov.alexey, sw0312.kim, sungguk.na
The wrong data in modules.builtin.modinfo can cause overflow or
double free from modinfo with libkmod-builtin. Fix the error
cases with strict checking.
Seung-Woo Kim (2):
libkmod: fix an overflow with wrong modules.builtin.modinfo
libkmod: fix possible double free with wrong modules.builtin.modinfo
libkmod/libkmod-builtin.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--
2.19.2
^ permalink raw reply [flat|nested] 4+ messages in thread
* [PATCH 1/2] libkmod: fix an overflow with wrong modules.builtin.modinfo
[not found] ` <CGME20210413112018epcas1p4e7e6b23060a83694867b07a1f1afc200@epcas1p4.samsung.com>
@ 2021-04-13 11:23 ` Seung-Woo Kim
0 siblings, 0 replies; 4+ messages in thread
From: Seung-Woo Kim @ 2021-04-13 11:23 UTC (permalink / raw)
To: linux-modules, lucas.de.marchi; +Cc: gladkov.alexey, sw0312.kim, sungguk.na
Fix a possbile overflow with exact PATH_MAX length modname
in wrong modules.builtin.modinfo.
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
---
libkmod/libkmod-builtin.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libkmod/libkmod-builtin.c b/libkmod/libkmod-builtin.c
index fc9a37644261..a75a542f6942 100644
--- a/libkmod/libkmod-builtin.c
+++ b/libkmod/libkmod-builtin.c
@@ -246,7 +246,7 @@ bool kmod_builtin_iter_get_modname(struct kmod_builtin_iter *iter,
len = dot - line;
- if (len > PATH_MAX) {
+ if (len >= PATH_MAX) {
sv_errno = ENAMETOOLONG;
goto fail;
}
--
2.19.2
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [PATCH 2/2] libkmod: fix possible double free with wrong modules.builtin.modinfo
[not found] ` <CGME20210413112019epcas1p22c64b861d296333a64c348020c7ca20e@epcas1p2.samsung.com>
@ 2021-04-13 11:23 ` Seung-Woo Kim
0 siblings, 0 replies; 4+ messages in thread
From: Seung-Woo Kim @ 2021-04-13 11:23 UTC (permalink / raw)
To: linux-modules, lucas.de.marchi; +Cc: gladkov.alexey, sw0312.kim, sungguk.na
Fix double free for *modinfo with non '\0' terminated wrong
modules.builtin.modinfo, which is because EOF is minus value.
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
---
libkmod/libkmod-builtin.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libkmod/libkmod-builtin.c b/libkmod/libkmod-builtin.c
index a75a542f6942..a002cb5ee2c6 100644
--- a/libkmod/libkmod-builtin.c
+++ b/libkmod/libkmod-builtin.c
@@ -313,7 +313,7 @@ ssize_t kmod_builtin_get_modinfo(struct kmod_ctx *ctx, const char *modname,
while (offset < iter->next) {
offset = get_string(iter, pos, &line, &linesz);
if (offset <= 0) {
- count = (offset) ? -errno : -EOF;
+ count = (offset) ? -errno : -EINVAL;
free(*modinfo);
goto fail;
}
--
2.19.2
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH 0/2] harden libkmod-builtin with wrong modules.builtin.modinfo
2021-04-13 11:23 ` [PATCH 0/2] harden libkmod-builtin with wrong modules.builtin.modinfo Seung-Woo Kim
[not found] ` <CGME20210413112018epcas1p4e7e6b23060a83694867b07a1f1afc200@epcas1p4.samsung.com>
[not found] ` <CGME20210413112019epcas1p22c64b861d296333a64c348020c7ca20e@epcas1p2.samsung.com>
@ 2021-04-17 20:58 ` Lucas De Marchi
2 siblings, 0 replies; 4+ messages in thread
From: Lucas De Marchi @ 2021-04-17 20:58 UTC (permalink / raw)
To: Seung-Woo Kim; +Cc: linux-modules, lucas.de.marchi, gladkov.alexey, sungguk.na
On Tue, Apr 13, 2021 at 08:23:13PM +0900, Seung-Woo Kim wrote:
>The wrong data in modules.builtin.modinfo can cause overflow or
>double free from modinfo with libkmod-builtin. Fix the error
>cases with strict checking.
>
>Seung-Woo Kim (2):
> libkmod: fix an overflow with wrong modules.builtin.modinfo
> libkmod: fix possible double free with wrong modules.builtin.modinfo
both commits applied,
thanks
Lucas De Marchi
>
> libkmod/libkmod-builtin.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
>--
>2.19.2
>
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-04-17 20:58 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <CGME20210413112018epcas1p15c2cb9693086133c145845030df145ef@epcas1p1.samsung.com>
2021-04-13 11:23 ` [PATCH 0/2] harden libkmod-builtin with wrong modules.builtin.modinfo Seung-Woo Kim
[not found] ` <CGME20210413112018epcas1p4e7e6b23060a83694867b07a1f1afc200@epcas1p4.samsung.com>
2021-04-13 11:23 ` [PATCH 1/2] libkmod: fix an overflow " Seung-Woo Kim
[not found] ` <CGME20210413112019epcas1p22c64b861d296333a64c348020c7ca20e@epcas1p2.samsung.com>
2021-04-13 11:23 ` [PATCH 2/2] libkmod: fix possible double free " Seung-Woo Kim
2021-04-17 20:58 ` [PATCH 0/2] harden libkmod-builtin " Lucas De Marchi
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.